Category FILE
Started On 2014-07-03 18:58:58
Completed On 2014-07-03 19:00:55
Duration 117 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-03 18:58:58
Shutdown On 2014-07-03 19:00:54

File Details

File name Notification_72384792387498237989237498237498.exe
File size 122368 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 EA4DC71C
MD5 a7f762da9ef00da489e2f47da3c5e8d6
SHA1 9a21cf1162e7e0aad291610eb25753643f985aa2
SHA256 d1d1b5bf3454017e5fa04ba2da9dae04f182b9cfee0f33cab477f459eda4a02a
SHA512 51d0ddae7f525e59565d4bf14f1f13d5d5b41db477d1c45088ad845247ba7c0c38e58226269ac5dd1ad6df5f7bd4ef119826e8030929709bc7477707e50130b4
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal Scan Date: 2014-07-03 22:54:43
Detection Rate: 4/52

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious
The binary likely contains encrypted or compressed data.
Installs itself for autorun at Windows startup

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

Notification_72384792387498237989237498237498.exe PID: 988, Parent PID: 456

Volatility

Nothing to display.